Re: Sorry OpenBSD people, been a bit busy

2013-10-16 Thread Boudewijn Dijkstra
Op Wed, 09 Oct 2013 00:01:13 +0200 schreef Scott McEachern  
sc...@blackstaff.ca:

On 10/08/13 16:41, Kevin Chadwick wrote:

Back in the pre-WW2 days, Belgium (or was it the Netherlands?  I  
forget.) kept detailed census and medical data on their citizens,  
including their religious affiliation.  It was useful data for a  
friendly government, never to be abused.


I don't know about Belgium, but certainly in the Netherlands local  
authorities were required to keep resident registration, except at that  
time not medical data.


Then WW2 happened, and Hitler's Nazis invaded.  They found that data,  
especially the religion part, quite useful, and we all know how that  
turned out.


The problem was not that the data existed, the problem was that there  
wasn't a general preparedness to hide, evacuate or destroy it when  
justified.



--
(Remove the obvious prefix to reply privately.)
Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/



Re: Sorry OpenBSD people, been a bit busy

2013-10-16 Thread Eric Furman
Yes, the US government has a long history of abusing its Constitutional
powers. That's why we must all hide all of our personal data from
them as much as possible.
Of course Google, Bing, Facebook and all those selfies we take
are excepted.
BWAAHHAHAHAHAHAHAHAHAHAHAH morons!


On Wed, Oct 16, 2013, at 06:19 AM, Boudewijn Dijkstra wrote:
 Op Wed, 09 Oct 2013 00:01:13 +0200 schreef Scott McEachern  
 sc...@blackstaff.ca:
  On 10/08/13 16:41, Kevin Chadwick wrote:
 
  Back in the pre-WW2 days, Belgium (or was it the Netherlands?  I  
  forget.) kept detailed census and medical data on their citizens,  
  including their religious affiliation.  It was useful data for a  
  friendly government, never to be abused.
 
 I don't know about Belgium, but certainly in the Netherlands local  
 authorities were required to keep resident registration, except at that  
 time not medical data.
 
  Then WW2 happened, and Hitler's Nazis invaded.  They found that data,  
  especially the religion part, quite useful, and we all know how that  
  turned out.
 
 The problem was not that the data existed, the problem was that there  
 wasn't a general preparedness to hide, evacuate or destroy it when  
 justified.
 
 
 -- 
 (Remove the obvious prefix to reply privately.)
 Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/



Re: Sorry OpenBSD people, been a bit busy

2013-10-16 Thread Peter Hessler
Please stop.



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Zé Loff
On Oct 9, 2013, at 12:15 AM, Scott McEachern sc...@blackstaff.ca wrote:

 On 10/08/13 17:38, Richard Thornton wrote:
 I am not flippant enough to say that the NSA revelations do not matter,
 but what are we supposed to do?  The Middle Eastern terrorism threat is
 real and we need to be able to stop them anyway necessary.
 
 All it takes is one of them to hit every Walmart in the neighborhood,
 buy every pay-as-you-go phone they have, then pass them out to their
 friends in every Mosque.  Now you have a new terrorism threat.  So,
 welcome to the real world my friend, and wake up.

[...]

 And for the record, both you and Ze Loff should stick to facts and rational 
 discussion.  Bigots and morons are best defeated with those, and they'll show 
 their true colours, debasing their own opinions.  There's no need for insults 
 and ad hominem attacks.

First of all I owe an apology to the list and, albeit partially, to Richard. I 
now realise I overreacted a bit. I don't think hate (in the broadest sense of 
the word) belongs in this list and the comments the kind of which Richard made 
really get on my nerves. Ironically enough, I ended up spreading the hate 
myself. Again, my apologies.

That being said, Richard, if you still stand behind your comment and your gross 
generalisation about muslims, I must still call you a bigot. And just for the 
sake of clarity I have the utmost respect for the victims of 9/11, as I have 
for those in Boston, Fallujah, Gaza, Auschwitz, Sbrenica, Sudan, Rwanda, 
Chechnya or in that theatre in Moscow a few years ago. In short for every one 
who was harmed by some idiot/state who thinks his beliefs (religious or not) is 
better than the rest of them. The all muslims are terrorists generalisation 
is as dumb and shortsighted as saying all blond girls are stupid, all americans 
are fat gun fanatics, all germans are nazis, all jews are... I'm sure you get 
the point.

Just to bring this slightly back on-topic, please realise that terrorism (as 
real as it is) has been used as an pretext. Intercepting communications on the 
UN has nothing to do with it, nor does planting bugs on the European 
Parliament, nor does spying on Brasil's President or its state oil company.

And Scott, thanks for setting me straight and for the rest of your message.


Again sorry for the noise and kudos on the YYCIX, Theo.
Zé



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Zé Loff
On Oct 9, 2013, at 3:44 AM, Benjamin Heath benjamin.joel.he...@gmail.com 
wrote:

 But, people have given up this information. They weren't even paid or
 coerced. Why so naive?

(Quite) a few years ago, the Dutch government wanted to make sure everyone had 
a proper burial, according to each one's beliefs and rituals. So they asked 
people to state their religious beliefs. This is a good idea right? Everyone's 
wishes get respected even if you had no family or if your whole family died in 
an accident or fire or whatever. Besides, I've got nothing to hide, being 
insert your religion here is nothing to be ashamed of and I'm proud of my 
heritage. So the government made a nice list. And then a few years later 
Germany invaded the Netherlands.

Point being, it's not naiveté. It's this whole I've got nothing to hide 
anyway, let them look / I am not that important mentality. People fail to 
realise that this is not about you having something to hide or not. It's about 
your right to hide something /if and when you want to/.



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Scott McEachern

On 10/09/13 05:08, Zé Loff wrote:


(Quite) a few years ago, the Dutch government wanted to make sure everyone had a proper burial, 
according to each one's beliefs and rituals. So they asked people to state their religious 
beliefs. This is a good idea right? Everyone's wishes get respected even if you had no family 
or if your whole family died in an accident or fire or whatever. Besides, I've got 
nothing to hide, being insert your religion here is nothing to be ashamed of and I'm 
proud of my heritage. So the government made a nice list. And then a few years later 
Germany invaded the Netherlands.

Point being, it's not naiveté. It's this whole I've got nothing to hide anyway, let them 
look / I am not that important mentality. People fail to realise that this is not 
about you having something to hide or not. It's about your right to hide something /if and when you 
want to/.


Both of your last two posts, well said.

Thanks for pointing out that it was the Netherlands that kept that data, 
and why.  When I mentioned it earlier, I wasn't sure earlier if it was 
the Belgians or the Dutch, or why.  Good to know, and remember.


--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Richard Thornton
I am not stupid  midwestern enough to believe that all Muslims are a
terrorist threat.  My son is half jewish and I am not even reflexively
pro-israel.  I find that when I enter a church or a temple, its a bit
of mental torture;  over the weekend I was at a bat mitzvah and believe
me, it was torture. I am about as far from the beliefs of david horowitz
as you can get.  I live near Princeton, and personally I think that NJ is
a police state;  they actually monitor people's license plates and I was
harrassed 5 years ago in a park near princeton, because I was caught
there after dark in my car with a partially used bottle of wine.
They harrassed me for over 15 minutes making me dance around out of my
car, then they let me go;  later I was in the starbucks in princeton,
about midnite, and these two saw me and started laughing.  Its all a joke
to these guys - law  order.

Anyway, according to bin laden, he just wanted us out
of arab lands.  That was his main gripe.  Boy, if thats all it takes, I
would go in a heart beat, why fight these guys?  But somehow I think they
also want us out of portugal, spain, turkey, north africa, and ultimately
israel.  Last year I saw David Broza at 92nd St Y;  he personally
sponsored 4 young musicians from Nazareth, 3 of whom were palestinian.
I have to tell you, at least 85% of the audience, standing room only was
jewish, and all loved this guy and the concert.  Obviously there are
people on the other side, including myself, looking for an olive branch
and a way out of this global mess, buts whats with all these draconian
blasphemy laws in places like pakistand, iran, and saudi arabia?  Why cant
a britsh citizen like Rushdie write a book iranians dont like and be in
hiding for literally years?  They even targeted publishers in NYC over his
book.  What about the Van Gogh murder? It is a concern of mine that
what is happening in France with Algerians, and others, and what is in
England with Pakistanis will spill into NJ.  We shouldnt unfairly target
muslims, but they should likewise leave me alone;  I may be the great
satan, but I have never advocated military action in any of their lands,
except to get bin laden in 2002.


On Wed, 9 Oct 2013, Zé Loff wrote:

 On Oct 9, 2013, at 12:15 AM, Scott McEachern sc...@blackstaff.ca wrote:

 On 10/08/13 17:38, Richard Thornton wrote:
 I am not flippant enough to say that the NSA revelations do not matter,
 but what are we supposed to do?  The Middle Eastern terrorism threat is
 real and we need to be able to stop them anyway necessary.

 All it takes is one of them to hit every Walmart in the neighborhood,
 buy every pay-as-you-go phone they have, then pass them out to their
 friends in every Mosque.  Now you have a new terrorism threat.  So,
 welcome to the real world my friend, and wake up.

 [...]

 And for the record, both you and Ze Loff should stick to facts and rational
discussion.  Bigots and morons are best defeated with those, and they'll show
their true colours, debasing their own opinions.  There's no need for insults
and ad hominem attacks.

 First of all I owe an apology to the list and, albeit partially, to Richard.
I now realise I overreacted a bit. I don't think hate (in the broadest sense
of the word) belongs in this list and the comments the kind of which Richard
made really get on my nerves. Ironically enough, I ended up spreading the hate
myself. Again, my apologies.

 That being said, Richard, if you still stand behind your comment and your
gross generalisation about muslims, I must still call you a bigot. And just
for the sake of clarity I have the utmost respect for the victims of 9/11, as
I have for those in Boston, Fallujah, Gaza, Auschwitz, Sbrenica, Sudan,
Rwanda, Chechnya or in that theatre in Moscow a few years ago. In short for
every one who was harmed by some idiot/state who thinks his beliefs (religious
or not) is better than the rest of them. The all muslims are terrorists
generalisation is as dumb and shortsighted as saying all blond girls are
stupid, all americans are fat gun fanatics, all germans are nazis, all jews
are... I'm sure you get the point.

 Just to bring this slightly back on-topic, please realise that terrorism (as
real as it is) has been used as an pretext. Intercepting communications on the
UN has nothing to do with it, nor does planting bugs on the European
Parliament, nor does spying on Brasil's President or its state oil company.

 And Scott, thanks for setting me straight and for the rest of your message.


 Again sorry for the noise and kudos on the YYCIX, Theo.
 Zé



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Peter Hessler
This has gotten massively off topic.  Can we please let the thread end here?



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Christiano F. Haesbaert
It might come as a shock for you all.

But we don't give a flying fuck for what you guys think about X where
X is not related to OpenBSD.

Try #ihavetheurgetoexpressmyfeeelings in irc.disney.com



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Richard Thornton
You're right!  I am outa here!  Bye!


On Wed, Oct 9, 2013 at 7:18 AM, Peter Hessler phess...@theapt.org wrote:

 This has gotten massively off topic.  Can we please let the thread end
 here?



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread sbienddr...@googlemail.com

Am I being monitored for receiving these emails?

On 10/09/13 12:18, Peter Hessler wrote:

This has gotten massively off topic.  Can we please let the thread end here?




Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread John Long
On Wed, Oct 09, 2013 at 12:41:07PM +0100, sbienddr...@googlemail.com wrote:
 Am I being monitored for receiving these emails?

No, you're being monitored for using google, stupid.

Did anybody consider the possibility Theo didn't start this thread? The
email headers looked ok at a quick glance but that didn't sound very much
like him.



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Jérémie Courrèges-Anglas
John Long codeb...@inbox.lv writes:

 On Wed, Oct 09, 2013 at 12:41:07PM +0100, sbienddr...@googlemail.com wrote:
 Am I being monitored for receiving these emails?

 No, you're being monitored for using google, stupid.

Please follow Peter's advice:

On 10/09/13 12:18, Peter Hessler wrote:
 This has gotten massively off topic.  Can we please let the thread end here?


 Did anybody consider the possibility Theo didn't start this thread? The
 email headers looked ok at a quick glance but that didn't sound very much
 like him.

He did.

-- 
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494



Re: Sorry OpenBSD people, been a bit busy

2013-10-09 Thread Peter Hessler
Please stop

-- 
There are people so addicted to exaggeration
that they can't tell the truth without lying.
-- Josh Billings



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread hruodr
On Mon, 7 Oct 2013, James Griffin wrote:

 [...] But when people don't listen, or continuosly repeat themselves 
 unnecessarily, the discussion digresses and becomes irrelevent and/or 
 annoying for those of us subscribed to the list. That's the point I 
 tried to make. Anyway, this is digressing too. 

No. This was obviously not the reason. The offenses did not come from
people that complained about the amount of Emails. And I was not in the
discussion alone: mainly I answered; if I repeated, then because people 
did not understand me. Perhaps was the thema a little off-topic, but in my 
oppinion not irrelevant, it deserves to be discussed, and an objective 
discussion here was impossible. On the other side, I understand that such
discussions can be disturbing in a mailing list. This is one of the reasons
because I was for the existence of the old OpenBSD Usenet Groups.

In my opinion, the reason of the insults and diffamations is something very
primitive. For many people the operating system they use is part of their 
identity (as for others their car or their mobile telephone). Without 
their Operating System they feel to be no one. Belonging to a community 
they feel as part of an elite. Insulting and diffamating people outside 
make these feelings stronger, people insulting and diffamiting one individual
feel to be more together, they need it colectively from time to time.
Not to be part of it is a question of conscience, also of education,
from the ones that do it you cannot expect a much better behaviour.
BTW. The insults came together with the demand that I leave the list, not that
I stop posting about the thema: I was the enemy outside the community.

Rodrigo.



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Kevin Chadwick
 Why?  With a group of others, I started setting up an Internet
 Exchange in Calgary, and this has taken much time because it is highly
 politicized and has encountered some resistance.

So has your internet access (ISP) improved too since a while back or
just locally and what resistance did you encounter - pro surveillance?

The UK broadband speeds have shot up and become more of an asset but
they are also becoming far more of a liability too. I am not too
bothered about well secured?? monitoring systems for the good of us all
by authorites that perhaps put as much importance on the security of the
monitoring systems as anyone else? if not more? but I am extremely
concerned about the government now even pushing ISPs to put in layer 7
filters such as TalkTalks homesafe on the cheapest and crappiest
hardware (of the same make as those with backdoors in audio switches,
thankfully firewalled) and possibly providing a cover for the previously
rejected advertising data harvesting systems of the future under the
compelling and so reason scuppering highly questionable method of
stopping kiddy porn.


If only more ISP engineers understood why OpenBSD is so secure or
atleast as much as they traditionally did with the mantra of ISP's
transport packets and that's all for safety reasons.

-- 
___

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
___



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 07:20, Kevin Chadwick wrote:


So has your internet access (ISP) improved too since a while back or
just locally and what resistance did you encounter - pro surveillance?

The UK broadband speeds have shot up and become more of an asset but
they are also becoming far more of a liability too. I am not too
bothered about well secured?? monitoring systems for the good of us all
by authorites that perhaps put as much importance on the security of the
monitoring systems as anyone else? if not more? but I am extremely
concerned about the government now even pushing ISPs to put in layer 7
filters such as TalkTalks homesafe on the cheapest and crappiest
hardware (of the same make as those with backdoors in audio switches,
thankfully firewalled) and possibly providing a cover for the previously
rejected advertising data harvesting systems of the future under the
compelling and so reason scuppering highly questionable method of
stopping kiddy porn.


If only more ISP engineers understood why OpenBSD is so secure or
atleast as much as they traditionally did with the mantra of ISP's
transport packets and that's all for safety reasons.


I didn't want to bring this up before, but it might be an interesting 
discussion, even though off-topic.  Feel free to ignore this part of the 
thread.


After reading Theo's post, I wondered what effect an IX had on what we 
now know about NSA surveillance.  I don't know anything about it, but I 
suspect it won't make any difference.


Some of Snowden's leaked documents detail how the NSA has the private 
keys for various US corporations, and they set up various computers on 
the backbone links.  Basically, the NSA can imperceptibly vacuum up all 
data.  Scary shit, really.


A few people have suggested they are vacuuming /everything/, not just 
foreigners, while others counter that there's just too much data, and 
it's infeasible for them to store it.


I propose that not only is it possible, but quite likely.  When google 
mysteriously went offline for about 5 minutes a while back, it was said 
that Internet traffic dropped by 40%.  A shitload of that is going to be 
YouTube, which the NSA can easily ignore.  I've also heard that 
something like 40% of Internet traffic is porn, so they can ignore that, 
too.  Another big chunk goes to people downloading movies/TV by NetFlix, 
torrent or from the cable-type companies themselves.  Again, the actual 
content can be ignored, but the metadata can be kept.  Duplicate data 
can be ignored as well. There's no need for the NSA to keep 10,000 
copies of the same shit Fox or CNN spews to 10,000 daily visitors.  Just 
keep the metadata. No need to keep advertisements, cool graphics/CSS 
stuff, or HTML. That can all be stripped away.


Whether those 40% numbers are accurate or not -- and I doubt they are 
-- isn't the point.  The point is that a metric shitload of content can 
be safely ignored.  It wouldn't surprise me in the least if it were to 
be revealed that all the NSA actually traps is maybe 5% of total 
Internet traffic.  Not because of a lack of capacity, but a lack of 
interest in crap.  Now go look at the two big data centres under 
construction.  Everyone knows about the Utah data centre, but there's 
another, slightly smaller one, under construction on the East coast.  
(Sorry, I can't remember exactly where.)


But that's not the scariest thing.

The scariest thing is when a friend of mine talked about how cool his 
smartphone is.  I replied with the standard stuff:  You're being 
watched and recorded (etc).  He said he doesn't care.  He just doesn't 
care if the government watched the sex vids he shared with some ladies 
online, or read his emails.  Paraphrasing him, he asked, When was the 
last time someone I knew had a government official knock on their door?  
Never!  And you'll never see it happen in your lifetime, either!


I did reply with a few thought-provoking ideas, but I know damn well he 
won't think about it, because he just doesn't care, and no matter what I 
say, he never will.  (I did ask him, when /will/ it be too much for you, 
and will it be too late?  He didn't reply.)


I would suggest that most of the general population shares his apathy.  
Sure, a few people get riled up for a few minutes, but that goes away 
when Miley does something stupid with her ass, a dancing show comes on, 
or Michael Bay blows up a lot of stuff on the big screen.


Now we're finding out that the FBI and NSA own a whole lot of Tor 
nodes.  Some suspect half of them are government controlled, especially 
the exit nodes.


More scary?  The likes of Bruce Schneier and Glenn Greenwald, both privy 
to the compendium of Snowden's documents, are saying things like We 
haven't seen the half of it...  It gets worse.  I can't wait..


A question for Theo and those in the know:  Do these IXs in any way 
deter or foil the NSA?  Or do they just make for better connectivity?  
Just curious.


@Kevin Chadwick:  About your comment 

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Kyle R W Milz
On Tue, Oct 08, 2013 at 08:20:32AM -0400, Scott McEachern wrote:
 I didn't want to bring this up before, but it might be an
 interesting discussion, even though off-topic.  Feel free to ignore
 this part of the thread.
 
 After reading Theo's post, I wondered what effect an IX had on what
 we now know about NSA surveillance.  I don't know anything about it,
 but I suspect it won't make any difference.

I have a colocated server in the same data center that the IX is being
installed in. I live in Calgary and also have a home internet connection
with a major ISP here, Shaw Cable.

Traceroutes from my home to the data centre are pretty normal, enmax
envision is a local commercial fibre carrier:

traceroute to getaddrinfo.net (216.171.227.98), 64 hops max, 40 byte packets
 1  192.168.1.1 (192.168.1.1)  6.809 ms  2.461 ms  14.730 ms
 2  * * *
 3  64.59.132.169 (64.59.132.169)  14.543 ms  10.710 ms  13.220 ms
 4  66.163.71.102 (66.163.71.102)  13.731 ms ra2so-tge2-1.cg.shawcable.net 
(66.163.71.98)  14.216 ms  13.916 ms
 5  rx0so-enmax.cg.bigpipeinc.com (66.244.207.158)  13.478 ms  10.950 ms  
14.982 ms
 6  a72-29-245-70.enmaxenvison.net (72.29.245.70)  12.979 ms  33.446 ms  9.483 
ms
 7  a72-29-245-66.enmaxenvison.net (72.29.245.66)  14.227 ms  13.917 ms  16.484 
ms
 8  216-171-224-253.datahive.ca (216.171.224.253)  9.981 ms  14.946 ms  25.484 
ms
 9  216-171-224-5.datahive.ca (216.171.224.5)  46.234 ms  29.974 ms  35.703 ms
10  216-171-227-98.datahive.ca (216.171.227.98)  36.741 ms  40.197 ms  41.490 ms

Now here is where things get interesting, from the data centre to my
home:

traceroute to krwm.net (184.64.152.209), 64 hops max, 40 byte packets
 1  216-171-227-97.datahive.ca (216.171.227.97)  0.636 ms  0.622 ms  0.411 ms
 2  216-171-224-246.datahive.ca (216.171.224.246)  0.409 ms  0.505 ms  0.561 ms
 3  gige-g2-7.core1.yyc1.he.net (72.52.101.149)  6.267 ms  0.823 ms  0.557 ms
 4  10gigabitethernet3-2.core1.yvr1.he.net (184.105.223.218)  17.967 ms  11.860 
ms  16.505 ms
 5  10gigabitethernet12-3.core1.sea1.he.net (184.105.222.1)  35.960 ms  14.592 
ms  20.456 ms
 6  rc1wt-ge4-1.wa.shawcable.net (206.81.80.54)  27.318 ms  23.863 ms  23.819 ms
 7  66.163.70.209 (66.163.70.209)  19.439 ms  20.140 ms  19.439 ms
 8  dx6no-g1.cg.shawcable.net (64.59.132.170)  24.978 ms  20.165 ms  19.573 ms
 9  krwm.net (184.64.152.209)  139.806 ms  33.179 ms  27.907 ms

Take a look at the 5th and 6th hops, they are in the US. The data
goes from Calgary to Vancouver down into the US to Seattle and then all
the way back to Calgary.

So long winded answer to your question: Canadian internet traffic will
stay in Canada and won't make these ridiculous loops.

I guess if the NSA has coerced with CSIS or whatever the Canadian
equivalent is then there might be cause for worry there (quite likely as
we parrot almost everything the US does).

 Some of Snowden's leaked documents detail how the NSA has the
 private keys for various US corporations, and they set up various
 computers on the backbone links.  Basically, the NSA can
 imperceptibly vacuum up all data.  Scary shit, really.
 
 A few people have suggested they are vacuuming /everything/, not
 just foreigners, while others counter that there's just too much
 data, and it's infeasible for them to store it.
 
 I propose that not only is it possible, but quite likely.  When
 google mysteriously went offline for about 5 minutes a while back,
 it was said that Internet traffic dropped by 40%.  A shitload of
 that is going to be YouTube, which the NSA can easily ignore.  I've
 also heard that something like 40% of Internet traffic is porn, so
 they can ignore that, too.  Another big chunk goes to people
 downloading movies/TV by NetFlix, torrent or from the cable-type
 companies themselves.  Again, the actual content can be ignored, but
 the metadata can be kept.  Duplicate data can be ignored as well.
 There's no need for the NSA to keep 10,000 copies of the same shit
 Fox or CNN spews to 10,000 daily visitors.  Just keep the metadata.
 No need to keep advertisements, cool graphics/CSS stuff, or HTML.
 That can all be stripped away.
 
 Whether those 40% numbers are accurate or not -- and I doubt they
 are -- isn't the point.  The point is that a metric shitload of
 content can be safely ignored.  It wouldn't surprise me in the least
 if it were to be revealed that all the NSA actually traps is maybe
 5% of total Internet traffic.  Not because of a lack of capacity,
 but a lack of interest in crap.  Now go look at the two big data
 centres under construction.  Everyone knows about the Utah data
 centre, but there's another, slightly smaller one, under
 construction on the East coast.  (Sorry, I can't remember exactly
 where.)
 
 But that's not the scariest thing.
 
 The scariest thing is when a friend of mine talked about how cool
 his smartphone is.  I replied with the standard stuff:  You're
 being watched and recorded (etc).  He said he doesn't care.  He
 just doesn't care if the 

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 10:33, Kyle R W Milz wrote:

Now here is where things get interesting, from the data centre to my
home:

[...]

Take a look at the 5th and 6th hops, they are in the US. The data
goes from Calgary to Vancouver down into the US to Seattle and then all
the way back to Calgary.

So long winded answer to your question: Canadian internet traffic will
stay in Canada and won't make these ridiculous loops.

I guess if the NSA has coerced with CSIS or whatever the Canadian
equivalent is then there might be cause for worry there (quite likely as
we parrot almost everything the US does).


I've seen similar paths when tracerouting from my location (NE of 
Toronto) to west coast sites.  Depending on the site, the packets take a 
little detour to NYC, Chicago, Seattle, etc., before coming back into 
Canada.


Please forgive my little ramble here:

20 years ago, my girlfriend and I drove from Whitby, Ontario (just east 
of Toronto) to Banff, Alberta.  We drove through Calgary, BTW. On our 
way out there, we decided to take a short cut through some northern 
states: Michigan, Wisconsin, Minnesota and finally North Dakota, before 
heading north to Winnipeg, and continuing west.  It was considerably 
shorter than driving through northern Ontario, above Lake Superior.


Stupid me, I completely forgot I had a bag containing something the 
border authorities would very seriously frown upon.  They gave a cursory 
check to the trunk, and I paid a $2 duty on the (obvious) case of beer 
that I bought in Canada.  The guys in the car ahead of us got the full 
shakedown.


We slept in the car until the border opened.  It wasn't until we pitched 
our tents for the first time, the next night, and broke out the bag, 
that I realized my (our) mistake.  Needless to say, we didn't cross the 
border again and took the long way home.


My point is that staying in Canada and not crossing the border might be 
a good idea by car, (and that was pre-9/11), but I don't think in this 
day and age that it really matters if your packets cross the border or not.


Remember, Canada is one of the Five Eyes (along with the US, UK, 
Australia and New Zealand) whose intelligence agencies happily share 
information.  How much, we don't know, but it gets around legal 
loopholes about not being able to spy on your own citizens.  (Which the 
NSA disregards entirely.)


The Canadian equivalent to the NSA isn't CSIS, it's CSEC. 
https://en.wikipedia.org/wiki/Communications_Security_Establishment_Canada 
The ECHELON section on that page explains the Five Eyes setup, about 
sharing information, and it's been going on since 1948.  And don't 
forget, since we are foreign, it is within the NSA's mandate to 
monitor us.


So you bet your ass they are watching us, because they can.

While I have no proof of this, it is strictly my unfounded theory, I 
would also think that the NSA pays particular interest to OpenBSD. It's 
right there on the OpenBSD site's pages that they're located in Canada 
to /specifically/ avoid US interference.


If you were the NSA, wouldn't you find an organization that:

1) blatantly says they're in Canada to avoid US government problems,
2) is arguably the most secure OS on the market,
3) (I think..) was the first to use integrated heavy crypto, including 
IPSec,
4) has a subtle (and sometimes not so subtle) 
anti-government/anti-establishment tone on the mailing lists,

5) is completely open source with all commits publicly viewable,
6) is probably run by a bunch of commie hippies (in their eyes),

wouldn't /you/ (as the NSA) keep an eye on those liberal bastards?

My friend replied to me, from his gmail account, to my email server 
located in my own home, using my own Canadian-registered domain, And if 
a government really wanted to track you, well, lets face the facts. You 
and I just aren't that important. haha


I had to point out to him that, let's face facts, you are exactly one 
degree of separation from someone, who (albeit tangentially) is involved 
with not just any FOSS organization, but OpenBSD, who is /probably/ 
watched.  I'm in the list archives, and listed on the donations page.  
You are one degree of separation from someone who runs their own 
servers, has publicly said uses full disk encryption on Internet-related 
servers (and knows how to pull a power cord), and runs a members-only 
site that requires HTTPS.  All of that is considered suspicious.  If 
the NSA is looking around, they've probably noticed me, and looked at 
me.  Too paranoid?


I failed to mention (here), that one of my oldest friends is in the 
Canadian Forces.  He works in SIGINT.  I don't know what he does, and I 
don't know his exact clearance, just that at the least it's secret 
level.  I know he can't talk about anything work-related (and doesn't).  
Before he got his clearance, how far did they look into my friend's 
friends, like me?  I have no idea.


So, I said to my other friend: that You and I just aren't that 
important. haha may 

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Martin Schröder
2013/10/8 Kyle R W Milz k...@getaddrinfo.net:
 I guess if the NSA has coerced with CSIS or whatever the Canadian
 equivalent is then there might be cause for worry there (quite likely as
 we parrot almost everything the US does).

YYCIX is subject to canadian laws.
It likely must have a lawful interception interface for the canadian
police/whatever.
Canada is a member of Five Eyes.

Best
   Martin



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Kevin Chadwick
 Food for thought for everyone, but like I said, he doesn't care and 
 won't think about it.

As I say I am far more concerned about 'modern' incompetent ISP's.
Uncaring ISPs or ISP's that can only care about profit (and so
advertising) or they are out of business and tasking them (perhaps to
their delight) with layer 7 filtering which requires great care and
expertise and arguably only securable passively which I am sure they
will not be doing.

This should certainly be stopped as it may give people with mostly evil
intentions similar access as the NSA or just reduce reliability perhaps
at a time when the net is needed most. Sounds like it was quite a bit
of work though or was that mostly the resistance?

Global government surveilance is not going to be stopped or the
backbone avoided and atleast likely comes from mostly good intentions
even if it is bound to be abused or infiltrated at times.

-- 
___

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
___



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 16:36, Martin Schröder wrote:

YYCIX is subject to canadian laws.
It likely must have a lawful interception interface for the canadian
police/whatever.


Americans are subject to the highest law of the land:  The US 
Constitution.  You know, that document the President and damned near 
every government employee has sworn an oath to obey and protect.


The NSA has broken that oath.  Not long after the Snowden leaks started, 
the Director of National Intelligence, James Clapper, spoke before 
congress and explained what the NSA is up to, in an attempt to play 
down Snowden's revelations.  Then more Snowden documents came out, 
proving that the DNI just /lied/ to congress.  Curiously, he's not in 
jail, and is still in office.  Lying to congress is an indictable 
offense, er, a felony offence in US legal-speak.


Now here's another fun bit of trivia for you:  The constitution outranks 
*all* other laws, like state, regional, municipal, etc. All except one:  
Foreign treaties.  They hold equal rank to the constitution.  Think 
about that, vis a vis foreign treaties with other intelligence 
agencies.  The same applies in Canada with our Constitution and Bill of 
Rights.


Lawful interception, you say?  Subject to Canadian laws?  Privacy laws?  
There are no privacy laws in either the US or Canadian constitutions; 
look it up.  But we /do/ have treaties.



Canada is a member of Five Eyes.


Thank-you for proving my point.  Nice treaties with the other members 
since 1948.  Treaties that have equivalent legal weight to the 
constitutions of the respective countries.


If you think our (Canadian) morally superior privacy laws, and our 
national/provincial privacy commissioners have any say in the matter, 
you're fooling yourself.


A couple of weeks ago, John Tory, a very well-respected radio 
commentator (and former lawyer, former CEO of Rogers, former politician, 
etc.) on a respected AM talk radio station, interviewed a fellow who 
works deep inside the telecom industry.  Sorry, I can't remember the 
chap's name.  Tory asked the guy, So what ISPs are giving customer data 
to the government?  The guy deadpanned, All of them.  All of them are 
doing it.


Of course, there's no actual proof of this at the moment, but given what 
Snowden has released so far, and what those documents indicate (eg. 
PRISM) I think this theory has moved from pure speculation to most 
likely status.


--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Richard Thornton
I am not flippant enough to say that the NSA revelations do not matter,
but what are we supposed to do?  The Middle Eastern terrorism threat is
real and we need to be able to stop them anyway necessary.

All it takes is one of them to hit every Walmart in the neighborhood,
buy every pay-as-you-go phone they have, then pass them out to their
friends in every Mosque.  Now you have a new terrorism threat.  So,
welcome to the real world my friend, and wake up.


On Tue, 8 Oct 2013, Scott McEachern wrote:

 On 10/08/13 16:36, Martin Schröder wrote:
 YYCIX is subject to canadian laws.
 It likely must have a lawful interception interface for the canadian
 police/whatever.

 Americans are subject to the highest law of the land:  The US Constitution.
 You know, that document the President and damned near every government
 employee has sworn an oath to obey and protect.

 The NSA has broken that oath.  Not long after the Snowden leaks started, the
 Director of National Intelligence, James Clapper, spoke before congress and
 explained what the NSA is up to, in an attempt to play down Snowden's
 revelations.  Then more Snowden documents came out, proving that the DNI
just
 /lied/ to congress.  Curiously, he's not in jail, and is still in office.
 Lying to congress is an indictable offense, er, a felony offence in US
 legal-speak.

 Now here's another fun bit of trivia for you:  The constitution outranks
 *all* other laws, like state, regional, municipal, etc. All except one:
 Foreign treaties.  They hold equal rank to the constitution.  Think about
 that, vis a vis foreign treaties with other intelligence agencies.  The same
 applies in Canada with our Constitution and Bill of Rights.

 Lawful interception, you say?  Subject to Canadian laws?  Privacy laws?
 There are no privacy laws in either the US or Canadian constitutions; look
it
 up.  But we /do/ have treaties.

 Canada is a member of Five Eyes.

 Thank-you for proving my point.  Nice treaties with the other members since
 1948.  Treaties that have equivalent legal weight to the constitutions of
the
 respective countries.

 If you think our (Canadian) morally superior privacy laws, and our
 national/provincial privacy commissioners have any say in the matter, you're
 fooling yourself.

 A couple of weeks ago, John Tory, a very well-respected radio commentator
 (and former lawyer, former CEO of Rogers, former politician, etc.) on a
 respected AM talk radio station, interviewed a fellow who works deep inside
 the telecom industry.  Sorry, I can't remember the chap's name.  Tory asked
 the guy, So what ISPs are giving customer data to the government?  The guy
 deadpanned, All of them.  All of them are doing it.

 Of course, there's no actual proof of this at the moment, but given what
 Snowden has released so far, and what those documents indicate (eg. PRISM) I
 think this theory has moved from pure speculation to most likely
status.

 --
 Scott McEachern

 https://www.blackstaff.ca

 Beware the Four Horsemen of the Information Apocalypse: terrorists, drug
 dealers, kidnappers, and child pornographers. Seems like you can scare any
 public into allowing the government to do anything with those four.  --
 Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 16:41, Kevin Chadwick wrote:


As I say I am far more concerned about 'modern' incompetent ISP's.
Uncaring ISPs or ISP's that can only care about profit (and so
advertising) or they are out of business and tasking them (perhaps to
their delight) with layer 7 filtering which requires great care and
expertise and arguably only securable passively which I am sure they
will not be doing.

This should certainly be stopped as it may give people with mostly evil
intentions similar access as the NSA or just reduce reliability perhaps
at a time when the net is needed most. Sounds like it was quite a bit
of work though or was that mostly the resistance?

Global government surveilance is not going to be stopped or the
backbone avoided and atleast likely comes from mostly good intentions
even if it is bound to be abused or infiltrated at times.


History has demonstrated time and time over that it is the nature of 
government to keep and expand power at all costs.  Surveillance states 
don't go away until a major upheaval takes place.  Look at East 
Germany's Stasi, or the former USSR's KGB.  Oh wait, that came back 
again with a new name, the GRU I believe.


As I said in a previous post, it's most likely that the NSA is vacuuming 
up /all/ Internet data.  Even if they aren't grabbing 100% of it, 
they're definitely getting the interesting bits.  And that data is 
going to be stored forever.


Even if your data is safely encrypted today, that data will be stored 
somewhere for pretty much eternity.  In 20 years when supercomputers, or 
quantum computers, can make mincemeat of today's strong crypto, that 
data will be analyzed to predict the future by learning from the past.


Even if you can pretend the US government of today, or any other 
government for that matter, is truly innocuous with the best intentions 
(ha!), that doesn't take into account the nature of future governments.


Back in the pre-WW2 days, Belgium (or was it the Netherlands?  I 
forget.) kept detailed census and medical data on their citizens, 
including their religious affiliation.  It was useful data for a 
friendly government, never to be abused.


Then WW2 happened, and Hitler's Nazis invaded.  They found that data, 
especially the religion part, quite useful, and we all know how that 
turned out.


The NSA has been playing this game not for years, but *decades*. The 
breadth of PRISM and other programs with names always written in caps is 
astounding.  They, and other intelligence agencies, are /everywhere/.  
Routers and switches with backdoors from the US (like Cisco), China 
(Huawei), Russia and others.  Splitters on backbone fiber, like Room 
641A.  Superfast computers that intercept HTTPS/SSL data using acquired 
private keys from friendly or coerced companies.  Moxie Marlinspike 
demonstrated these techniques at a black hat conference in 2009, google 
for it.


Sounds far fetched?  Look at the revelation that LavaBit did indeed shut 
down because the FBI insisted on having their private keys, and 
installing a device on their network to intercept and decrypt the 
data.  They originally were (allegedly) targeting just Snowden's 
account, but when the head of LavaBit declined, the FBI wanted the data 
for /all/ users.  So he shut it down.  Then Silent Circle shut down, and 
the list continues to grow.


More food for thought?  Go read Naomi Wolf's book The End of America.  
(https://en.wikipedia.org/wiki/Naomi_Wolf for a quick outline.)  Don't 
have time to read it?  Watch her youtube video (~48mins) of a speech 
given at the U of Washington in 2007. 
(https://www.youtube.com/watch?v=y8u-5gsZdgc, amongst others) Hopefully, 
it will make you think about the direction the US is heading.


--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread thornton . richard
I used to work at empire blue cross. I had many friends who worked in the
Trade Towers.I lived for a time in Battery Park nearby.So go to hell
asshole, the USA will neverLet another 9/11 happen again, And Snowden is
quite the jerk. These guys were recently planning attacks on Toronto as a
matter of fact and were discovered in time, maybe thanks to the NSA.
So sit in your tea house pouring over your netbook,Fuckin around, and
hide. And go to hell.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
network.

From: Zé LoffSent: Tuesday, October 8, 2013 6:08 PMTo: Richard ThorntonCc:
Scott McEachern; misc@openbsd.orgSubject: Re: Sorry OpenBSD people, been
a bit busy

 The Middle Eastern terrorism threat is
 real and we need to be able to stop them anyway necessary.

 All it takes is one of them to hit every Walmart in the neighborhood,
 buy every pay-as-you-go phone they have, then pass them out to their
 friends in every Mosque.

Well fuck you and your fucking stereotypes, you fucking bigot.

And thank you for validating the quote on Scott's signature, btw.



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Zé Loff
 The Middle Eastern terrorism threat is
 real and we need to be able to stop them anyway necessary.
 
 All it takes is one of them to hit every Walmart in the neighborhood,
 buy every pay-as-you-go phone they have, then pass them out to their
 friends in every Mosque.

Well fuck you and your fucking stereotypes, you fucking bigot.

And thank you for validating the quote on Scott's signature, btw.



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Chris Cappuccio
Martin Schr?der [mar...@oneiros.de] wrote:
 2013/10/8 Kyle R W Milz k...@getaddrinfo.net:
  I guess if the NSA has coerced with CSIS or whatever the Canadian
  equivalent is then there might be cause for worry there (quite likely as
  we parrot almost everything the US does).
 
 YYCIX is subject to canadian laws.
 It likely must have a lawful interception interface for the canadian
 police/whatever.
 Canada is a member of Five Eyes.

This is the duty of the ISP that serves the (snooped) end-user, not the IX.

The ISP is the only entity in a position to capture all traffic for an end-
user unless they are multi-homed. Then the authority has to ask multiple ISPs
to tap for them.



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 17:38, Richard Thornton wrote:

I am not flippant enough to say that the NSA revelations do not matter,
but what are we supposed to do?  The Middle Eastern terrorism threat is
real and we need to be able to stop them anyway necessary.

All it takes is one of them to hit every Walmart in the neighborhood,
buy every pay-as-you-go phone they have, then pass them out to their
friends in every Mosque.  Now you have a new terrorism threat.  So,
welcome to the real world my friend, and wake up.


Seriously, after everything I've said so far (I see you just replied 
privately to my most recent post), you're suggesting that *I* wake up to 
the real world?  I suggest you take that message to the ignorant, 
complacent, apathetic masses.  Please.


Take a look at the prime-time TV lineup on the major US networks, and 
the cable stations like Showcase, HBO, etc.  What are their plots 
mostly focussed on?  Terrorism.  Top-rated shows like NCIS, NCIS: LA, 
and the like:  Terrorism.  My point is that the media is feeding the 
viewers a non-stop diet of potential terrorist plots. It's ridiculously 
pervasive, and the fear is taking over peoples' minds.


Why do you think Bruce Schneier calls the TSA's actions security 
theatre?  They're reactive, not proactive.  Maybe the NSA/CIA/FBI are 
trying to be proactive, but what's their track record?


The intelligence agencies each had a piece of the 9/11 puzzle.  Due to 
infighting and protecting their respective turf, they didn't share 
information, and 9/11 happened.  Hindsight is 20/20, but it was revealed 
that if they had only cooperated, 9/11 could have been prevented.


Look at the Boston bombings.  The FBI received intel from the Russians, 
of all people, beforehand that the two brothers were up to something.  
How did that work out for them?


The Times Square bomber was stopped by a curious NYPD cop, not an 
three-letter agency.


How about those US soldiers that converted to Islam, raising red flags 
with their unusual behaviour and behavioural changes, going on shooting 
rampages?  How did the FBI do there?


Maybe they have foiled attacks, but you'd think they'd be shouting that 
from the rooftops saying, Look!  We're doing good!  Our Billion dollar 
budgets are justified!  People know about PRISM now, but even if they 
wanted to keep the source of their intel under wraps, I'm sure they 
could find a way to parallel construct a plausible explanation without 
revealing too much.


Like you said in a fresh post, maybe the NSA was helpful in stopping the 
potential attacks on Toronto and various rail lines.  Who knows.  Read 
my previous paragraph again.


And for the record, both you and Ze Loff should stick to facts and 
rational discussion.  Bigots and morons are best defeated with those, 
and they'll show their true colours, debasing their own opinions.  
There's no need for insults and ad hominem attacks.


You feel that Snowden is quite the jerk?  You're entitled to that 
opinion, but there are a great many people, myself included, that think 
he is a hero for exposing blantant lies and violations of the law and 
constitution.  Snowden, and some other previous NSA employees, saw the 
insanity of this, and the future of it.  They were appalled, and went 
public.  They are heroes.


Privately, you casually dismissed Wolf as another blow hard, the 
liberal version of Ann Coulter.  Maybe so, but attacking her personally 
does not negate the validity of her points.  Watch the video, and think 
about it with an open mind, if you can.


You asked, What are we supposed to do?  There are no easy answers 
here.  I fully realize that there are shades of grey involved.  But you 
aren't looking at the thin end of the wedge; we've long passed that 
point, and you are ceding your rights to allow it to not only continue, 
but to expand.  Remeber what Ben Franklin said:  Those who would give 
up essential liberty to purchase a little temporary safety deserve 
neither liberty nor safety.


His point in that quote speaks directly to the nature of government.  It 
hasn't changed since then.  Government will take a mile when you give 
them an inch.  You've probably heard the glib comments that more people 
in the US have died from choking on fishbones/car accidents/etc. in the 
last 12 years than have died from terrorism.


But at what price, both financially (military spending) and in terms of 
rights in a growing surveillance state?  Where does it end, and what is 
the logical conclusion?


I just don't have the answers, but I can repeat the suggestions of Bruce 
Schneier:  Trust the math.  Trust the crypto.  Be careful with the 
implementation.  The NSA isn't so much working on breaking the crypto 
(for now), as they are attacking the end points.  That's why they hacked 
the Tor Bundle.  That's why they control so many Tor exit nodes.


Stick to known trusted OSes, like OpenBSD.  Avoid proprietary software, 
especially software developed in the US.  Avoid this cloud 

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/06/13 20:48, dera...@cvs.openbsd.org wrote:

Now, why do I mention this in relation to OpenBSD?  Well, at the end
of 2007 someone decided to open an impersonation account on twitter in
my name, and start sending a mix of things I have said (see wikiquote
for instance), with things that I would never say.  That account is
http://twitter.com/theoderaadt

A few notes:  The account has now changed to declare that it is a
parody account and renamed to Not Theo de Raadt, as of a few days
ago.  If you read back into the past, you will see true character of
the account and the individual.

People in the local community were directed to the account, to give a
negative, if not slanderous, view of my character.  The ones directing
them have high-profile roles in the community, so people would take
what they say as true.  Since I am the network manager for the
exchange equipment, this by extension was meant to hurt YYCIX.

Why would stewards of important infrastructure projects deliberately
spread such false stories?


[...]



Layers of hurt being thrown around.  Why?


I don't know, but I can guess.  Probably the same reason that a year or 
two ago some crap came out trying to discredit OpenBSD's IPSec 
implementation: To discredit you, and OpenBSD as a whole.


Like I said, I have absolutely no doubt the NSA has been keeping tabs on 
OpenBSD as a whole.  Anything more than that is pure speculation on my part.


You, and the project, are financially reliant on donations, so if you 
are discredited, those donations lessen, and the project falters.  I'd 
bet money that the NSA would love to see OpenBSD go away.


What other real options would someone, like the NSA but not necessarily 
them, or just them, have?


Hack the OpenBSD servers?  Good luck with that.  OpenBSD is the gold 
standard in the hacker underground.  I've heard hackers say that when 
they are looking for targets, they skip the OpenBSD boxes they find; a 
waste of time.  (I don't know how true that is, so take it with a grain 
of salt.)


Inject code?  (Like was alleged in the IPSec situation.)  Good luck.  
Commits are public, reviewed, audited, etc.


Corrupt the project leaders, usually financially.  Theo is an idealist.  
(I mean that in a good way, don't get me wrong.)  If he wanted to make 
serious money, he could easily do so with his reputation, experience, 
and skill set.  I wish anyone luck with corrupting Theo, or those he 
trusts, with money.  I deeply believe that unlike psychopathic 
CxO-types, he's not in it for the money, or power.


Blackmail the leaders into doing your bidding.  Last I checked, Theo 
isn't married, so he doesn't have to worry about a leak of him with his 
mistress.  I suspect that Theo wouldn't cave if someone were to reveal 
he used the services of ladies of the night.  (For the record, I'm just 
making up scenarios here, I have no idea what he does in his private 
time, other than cycling.)


The other thing to consider is that I don't think many people in the 
OpenBSD community would give a shit if Theo did questionable things in 
his private life.  I'm not interested, and I doubt any serious person 
would be.  I simply look at the work he does.  The dedication and quality.


*Everyone* has secrets, period.  Nobody wants cameras in their bedrooms 
or bathrooms.  (Canada had a Prime Minister in the 70s by the name of 
Pierre Trudeau, that said quite clearly that the state has no business 
in the bedrooms of the nation.  He made plenty of mistakes, but he got 
that one dead right.)  What would Theo's (fictional!) indiscretions, or 
any other dev's indiscretions, have to do with OpenBSD development?  
Nothing.


However, not everyone thinks that way, so I think one of the simpler 
ways to attack OpenBSD is to discredit the project (IPSec), and 
discredit the project leader (fake twitter bullshit).  This demoralizes 
the funding base.  It scares people away, whether they are existing 
users or potential users.  Some say there's no such thing as bad 
publicity.  I beg to differ.


Theo needs to continuously refute the bullshit with truth and honesty, 
standing on his body of years of dedication and work. Given his status, 
I'm sure that would be a full-time task in itself.  Perhaps a PR firm 
using OpenBSD could donate some work in that area, to give back.  (I 
realize that's wishful thinking, but you never know..)


I'm sure Sun Tzu could read more into this, but he's dead.  One of his 
principal tenets was know your enemy, and thanks to Snowden et al., we 
have seen the enemy, they are legion, and include the NSA. Now we know 
much more about them, their tactics and methods.  Again, he is a hero.


I'd laugh if his future leaks were titled To: NSA; Subject: From Russia 
with Love. :)


--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the 

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread thornton . richard
I love OpenBSD, seriously, and developers of it are clearly geniuses. And
any chance I get I promote it.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
network.

From: Scott McEachernSent: Tuesday, October 8, 2013 7:17 PMTo:
misc@openbsd.orgSubject: Re: Sorry OpenBSD people, been a bit busy

On 10/08/13 17:38, Richard Thornton wrote:
 I am not flippant enough to say that the NSA revelations do not matter,
 but what are we supposed to do? The Middle Eastern terrorism threat is
 real and we need to be able to stop them anyway necessary.

 All it takes is one of them to hit every Walmart in the neighborhood,
 buy every pay-as-you-go phone they have, then pass them out to their
 friends in every Mosque. Now you have a new terrorism threat. So,
 welcome to the real world my friend, and wake up.

Seriously, after everything I've said so far (I see you just replied
privately to my most recent post), you're suggesting that *I* wake up to
the real world? I suggest you take that message to the ignorant,
complacent, apathetic masses. Please.

Take a look at the prime-time TV lineup on the major US networks, and
the cable stations like Showcase, HBO, etc. What are their plots
mostly focussed on? Terrorism. Top-rated shows like NCIS, NCIS: LA,
and the like: Terrorism. My point is that the media is feeding the
viewers a non-stop diet of potential terrorist plots. It's ridiculously
pervasive, and the fear is taking over peoples' minds.

Why do you think Bruce Schneier calls the TSA's actions security
theatre? They're reactive, not proactive. Maybe the NSA/CIA/FBI are
trying to be proactive, but what's their track record?

The intelligence agencies each had a piece of the 9/11 puzzle. Due to
infighting and protecting their respective turf, they didn't share
information, and 9/11 happened. Hindsight is 20/20, but it was revealed
that if they had only cooperated, 9/11 could have been prevented.

Look at the Boston bombings. The FBI received intel from the Russians,
of all people, beforehand that the two brothers were up to something.
How did that work out for them?

The Times Square bomber was stopped by a curious NYPD cop, not an
three-letter agency.

How about those US soldiers that converted to Islam, raising red flags
with their unusual behaviour and behavioural changes, going on shooting
rampages? How did the FBI do there?

Maybe they have foiled attacks, but you'd think they'd be shouting that
from the rooftops saying, Look! We're doing good! Our Billion dollar
budgets are justified! People know about PRISM now, but even if they
wanted to keep the source of their intel under wraps, I'm sure they
could find a way to parallel construct a plausible explanation without
revealing too much.

Like you said in a fresh post, maybe the NSA was helpful in stopping the
potential attacks on Toronto and various rail lines. Who knows. Read
my previous paragraph again.

And for the record, both you and Ze Loff should stick to facts and
rational discussion. Bigots and morons are best defeated with those,
and they'll show their true colours, debasing their own opinions.
There's no need for insults and ad hominem attacks.

You feel that Snowden is quite the jerk? You're entitled to that
opinion, but there are a great many people, myself included, that think
he is a hero for exposing blantant lies and violations of the law and
constitution. Snowden, and some other previous NSA employees, saw the
insanity of this, and the future of it. They were appalled, and went
public. They are heroes.

Privately, you casually dismissed Wolf as another blow hard, the
liberal version of Ann Coulter. Maybe so, but attacking her personally
does not negate the validity of her points. Watch the video, and think
about it with an open mind, if you can.

You asked, What are we supposed to do? There are no easy answers
here. I fully realize that there are shades of grey involved. But you
aren't looking at the thin end of the wedge; we've long passed that
point, and you are ceding your rights to allow it to not only continue,
but to expand. Remeber what Ben Franklin said: Those who would give
up essential liberty to purchase a little temporary safety deserve
neither liberty nor safety.

His point in that quote speaks directly to the nature of government. It
hasn't changed since then. Government will take a mile when you give
them an inch. You've probably heard the glib comments that more people
in the US have died from choking on fishbones/car accidents/etc. in the
last 12 years than have died from terrorism.

But at what price, both financially (military spending) and in terms of
rights in a growing surveillance state? Where does it end, and what is
the logical conclusion?

I just don't have the answers, but I can repeat the suggestions of Bruce
Schneier: Trust the math. Trust the crypto. Be careful with the
implementation. The NSA isn't so much working on breaking the crypto
(for now), as they are attacking the end points. That's why

Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 20:42, thornton.rich...@gmail.com wrote:

I love OpenBSD, seriously, and developers of it are clearly geniuses. And
any chance I get I promote it.


Excellent, and I applaud you for that.

You should take a look at the papers/presentations the devs have given.  
The stuff Theo wrote on W^X was mind boggling.  Over my head, but I got 
the gist.  I'm not going to find the ones I'm thinking of (it's been a 
while since I read them), I'll leave that as an exercise for the 
reader.  You'll find plenty of mind-blowing stuff.


(Ok, I can't resist.  I'll link to one particular page that's really 
easy to understand: 
http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp3.html. 
Maybe another, this is from 2005, and I nearly lost my mind: 
http://www.openbsd.org/papers/ven05-deraadt/index.html)


I don't mean to single out Theo, but he started this thread, so he 
remains the focus.  You should read the stuff the other devs have 
written, it's all excellent stuff.  The genius shines through.



Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
network.


All I can say is, I hope you don't do anything private with your 
device.  You have two /proven/ weak points in your hand.  Anything 
HTTPS/TLS/SSL on your handheld is probably moot, but I'd still use 
crypto anyway. :)  Convenience comes with a price.


And Richard, thanks for sharing your thoughts.  It adds to the balance.

--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Indunil Jayasooriya
On Wed, Oct 9, 2013 at 6:42 AM, Scott McEachern sc...@blackstaff.ca wrote:

 On 10/08/13 20:42, thornton.rich...@gmail.com wrote:

 I love OpenBSD, seriously, and developers of it are clearly geniuses. And
 any chance I get I promote it.


 Excellent, and I applaud you for that.


My favourite O/S is also OpenBSD. Theo and his guys protect the world. so
they are naturally protected.





Thank you
Indunil Jayasooriya
http://www.theravadanet.net/
http://www.siyabas.lk/sinhala_how_to_install.html   -  Download Sinhala
Fonts



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Richard Thornton
The NSA is just a backdrop against the real corruption, which guys like
Sen. Ted Cruz, who intentionally manipulate the markets by threatening to
default on USA debt.  Only an idiot would not assume these Senators are
selling their stocks before this stupid debate, drive the markets down,
buy on the cheap, then bam!  Come up with a deal, and make a huge windfall
profit.  meanwhile they keep everyone focused on other issues such as NSA
while they literally rape the country.


On Tue, 8 Oct 2013, Scott McEachern wrote:

 On 10/08/13 16:36, Martin Schröder wrote:
 YYCIX is subject to canadian laws.
 It likely must have a lawful interception interface for the canadian
 police/whatever.

 Americans are subject to the highest law of the land:  The US Constitution.
 You know, that document the President and damned near every government
 employee has sworn an oath to obey and protect.

 The NSA has broken that oath.  Not long after the Snowden leaks started, the
 Director of National Intelligence, James Clapper, spoke before congress and
 explained what the NSA is up to, in an attempt to play down Snowden's
 revelations.  Then more Snowden documents came out, proving that the DNI
just
 /lied/ to congress.  Curiously, he's not in jail, and is still in office.
 Lying to congress is an indictable offense, er, a felony offence in US
 legal-speak.

 Now here's another fun bit of trivia for you:  The constitution outranks
 *all* other laws, like state, regional, municipal, etc. All except one:
 Foreign treaties.  They hold equal rank to the constitution.  Think about
 that, vis a vis foreign treaties with other intelligence agencies.  The same
 applies in Canada with our Constitution and Bill of Rights.

 Lawful interception, you say?  Subject to Canadian laws?  Privacy laws?
 There are no privacy laws in either the US or Canadian constitutions; look
it
 up.  But we /do/ have treaties.

 Canada is a member of Five Eyes.

 Thank-you for proving my point.  Nice treaties with the other members since
 1948.  Treaties that have equivalent legal weight to the constitutions of
the
 respective countries.

 If you think our (Canadian) morally superior privacy laws, and our
 national/provincial privacy commissioners have any say in the matter, you're
 fooling yourself.

 A couple of weeks ago, John Tory, a very well-respected radio commentator
 (and former lawyer, former CEO of Rogers, former politician, etc.) on a
 respected AM talk radio station, interviewed a fellow who works deep inside
 the telecom industry.  Sorry, I can't remember the chap's name.  Tory asked
 the guy, So what ISPs are giving customer data to the government?  The guy
 deadpanned, All of them.  All of them are doing it.

 Of course, there's no actual proof of this at the moment, but given what
 Snowden has released so far, and what those documents indicate (eg. PRISM) I
 think this theory has moved from pure speculation to most likely
status.

 --
 Scott McEachern

 https://www.blackstaff.ca

 Beware the Four Horsemen of the Information Apocalypse: terrorists, drug
 dealers, kidnappers, and child pornographers. Seems like you can scare any
 public into allowing the government to do anything with those four.  --
 Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 22:35, Indunil Jayasooriya wrote:

My favourite O/S is also OpenBSD. Theo and his guys protect the world. so
they are naturally protected.


Almost, but not quite.

Theo actually has a devoted core of followers around the globe, highly 
trained in gung-fu, krav maga, and ninjitsu.  They fight to kill.


Meetings take place on a secret, members-only OpenBSD-powered web 
server.  One word, and a problem can be solved, anywhere, any time.  
Or so I hear...


So yes, he and his fellow devs are protected, while they protect the world.

--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Benjamin Heath
Adding to your previous thoughts, it became clear to me some years ago that
the best way to gather information on someone is to find information which
they've volunteered.

Facebook and other social networks have a space to select your religion,
sexual identity, location, school, work, and contact information. Much of
this information can be selected from existing lists. Supplying this
information hands it into the realm of Facebook apps with permission to
access that information, too.

But, people have given up this information. They weren't even paid or
coerced. Why so naive?

But that's just it, isn't it? People are naive. They go to public schools
where they are taught to accept what is popular and reject all else, and
that's where much of it starts. Computers must run Windows. If you want to
be different, buy a Mac. Programs must be big and graphical with plenty of
room for error. Why have it any other way?

I have also noticed that the news is saying what is and isn't common sense
now. They use this term as a backhanded directive, as if to say, Of course
it is so, this is common sense. In fact, common sense is a little more
inquisitive than that, and common sense would actually have it that you
don't trust everything you hear.

On topic and as a response to Theo, Twitter is a vehicle of passive
aggression and ad hominem attacks among other things. I blame Twitter for
the direction much of the Internet has taken. It is quick, it is short, and
that's how people are with other people. They are quick, and they are
short. And it seems a pretty weak attempt at disparaging your character.

Thank you, and please, please keep it up.
On Oct 8, 2013 6:14 PM, Scott McEachern sc...@blackstaff.ca wrote:

 On 10/08/13 20:42, thornton.rich...@gmail.com wrote:

 I love OpenBSD, seriously, and developers of it are clearly geniuses. And
 any chance I get I promote it.


 Excellent, and I applaud you for that.

 You should take a look at the papers/presentations the devs have given.
  The stuff Theo wrote on W^X was mind boggling.  Over my head, but I got
 the gist.  I'm not going to find the ones I'm thinking of (it's been a
 while since I read them), I'll leave that as an exercise for the reader.
  You'll find plenty of mind-blowing stuff.

 (Ok, I can't resist.  I'll link to one particular page that's really easy
 to understand: http://www.openbsd.org/papers/**eurobsdcon_2013_time_t/**
 mgp3.htmlhttp://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp3.html.
 Maybe another, this is from 2005, and I nearly lost my mind:
 http://www.openbsd.org/papers/**ven05-deraadt/index.htmlhttp://www.openbsd.org/papers/ven05-deraadt/index.html
 )

 I don't mean to single out Theo, but he started this thread, so he remains
 the focus.  You should read the stuff the other devs have written, it's all
 excellent stuff.  The genius shines through.

  Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
 network.


 All I can say is, I hope you don't do anything private with your device.
  You have two /proven/ weak points in your hand.  Anything HTTPS/TLS/SSL on
 your handheld is probably moot, but I'd still use crypto anyway. :)
  Convenience comes with a price.

 And Richard, thanks for sharing your thoughts.  It adds to the balance.

 --
 Scott McEachern

 https://www.blackstaff.ca

 Beware the Four Horsemen of the Information Apocalypse: terrorists, drug
 dealers, kidnappers, and child pornographers. Seems like you can scare any
 public into allowing the government to do anything with those four.  --
 Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Scott McEachern

On 10/08/13 22:44, Benjamin Heath wrote:

Adding to your previous thoughts, it became clear to me some years ago that
the best way to gather information on someone is to find information which
they've volunteered.


The US Army, namely D/arpa and the Navy, invented the Internet and onion 
routing.


I can't believe they didn't invent such a clever way to extract 
information before MySpace/Facebook did.



Facebook and other social networks have a space to select your religion,
sexual identity, location, school, work, and contact information. Much of
this information can be selected from existing lists. Supplying this
information hands it into the realm of Facebook apps with permission to
access that information, too.

But, people have given up this information. They weren't even paid or
coerced. Why so naive?


I think P.T. Barnum said something about that.

People like free stuff. They think they are using a product for free. 
They don't realize *they* are the product.


I don't have a Facebook account. I have a G+ account (by way of having a 
gmail account for mailing lists) with a picture of my cat, and no 
information about myself except links to my website.



But that's just it, isn't it? People are naive. They go to public schools
where they are taught to accept what is popular and reject all else, and
that's where much of it starts. Computers must run Windows. If you want to
be different, buy a Mac. Programs must be big and graphical with plenty of
room for error. Why have it any other way?


So far as I understand it, kids often aren't being taught the course 
material. They're being taught the test. That is, the standardized 
evaluation tests for each subject. It inflates test scores to 
acceptable limits.


The ability to think, critically, isn't being taught at all. You have 
kids walking out of school thinking crap like Intelligent Design is 
plausible, and that the earth really is only 6000 years old. Darwin's 
ideas are just theories, but fail to realize gravity is just a 
theory too. Stand on a 10th floor balcony, and test out that just a 
theory.


Why would kids do such silly things as read books, when they have 
summarized versions online that they can skim over while they're waiting 
for their tweet/facebook update to be replied to. After all, it is the 
most profound 130 character message ever written.



I have also noticed that the news is saying what is and isn't common sense
now. They use this term as a backhanded directive, as if to say, Of course
it is so, this is common sense. In fact, common sense is a little more
inquisitive than that, and common sense would actually have it that you
don't trust everything you hear.


I read it on the Internet, therefore it must be true.

99% of the news people digest daily is spoon fed to them by five 
megacorps that are more than happy to frame the narrative for you. 
People worship celebrities that are only famous because of their 
surnames or relatives, and spend their leisure time on the couch 
watching (un)reality TV shows.


TV crime shows, like CSI, get DNA results in minutes. They can pinpoint 
the bad guy, right down to the floor he's on, within seconds just from 
his IP address. Strong encryption is broken within seconds on a laptop 
computer. Firewalls are routinely hacked within minutes. Cases are 
always solved with conclusive proof.


Ask any prosecutor how her life in the courtroom has changed since 
CSI-type shows hit the air. Everyone on the jury is an armchair expert 
criminalist, and they get confused when cases aren't cut and dried, 
black and white.


The founding fathers of the US understood that an educated public, 
active in the political process, is a good thing.


Modern politicians understand that an uneducated, apathetic public is a 
better thing.



On topic and as a response to Theo, Twitter is a vehicle of passive
aggression and ad hominem attacks among other things. I blame Twitter for
the direction much of the Internet has taken. It is quick, it is short, and
that's how people are with other people. They are quick, and they are
short. And it seems a pretty weak attempt at disparaging your character.


I suppose twitter has its good uses, like during the Arab Spring, but by 
and large it's a time sink to read fluff. I wrote to someone earlier 
sharing my one and only tweet from three years ago. (I plagiarized Marco 
Peereboom.)


crap
*Scott McEachern* ‏@*scott_mceachern* 
https://twitter.com/scott_mceachern 24 Nov 10 
https://twitter.com/scott_mceachern/status/7477254057631744


Twitter is the stupidest fucking thing to happen on the Internet.
/crap

Like I said, you read it on the Internet, so it must be true.

--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-08 Thread Benjamin Heath
On Oct 8, 2013 8:21 PM, Scott McEachern sc...@blackstaff.ca wrote:

 On 10/08/13 22:44, Benjamin Heath wrote:
 But that's just it, isn't it? People are naive. They go to public schools
 where they are taught to accept what is popular and reject all else, and
 that's where much of it starts. Computers must run Windows. If you want
to
 be different, buy a Mac. Programs must be big and graphical with plenty
of
 room for error. Why have it any other way?


 So far as I understand it, kids often aren't being taught the course
material. They're being taught the test. That is, the standardized
evaluation tests for each subject. It inflates test scores to acceptable
limits.

 The ability to think, critically, isn't being taught at all. You have
kids walking out of school thinking crap like Intelligent Design is
plausible, and that the earth really is only 6000 years old. Darwin's ideas
are just theories, but fail to realize gravity is just a theory too.
Stand on a 10th floor balcony, and test out that just a theory.

 Why would kids do such silly things as read books, when they have
summarized versions online that they can skim over while they're waiting
for their tweet/facebook update to be replied to. After all, it is the most
profound 130 character message ever written.

It isn't only the course material or the testing material, but I'd argue
that public school itself is a critical time in which a young human being
learns to desire what's popular, and to desire to be popular. (Look, I'm a
geek, and things like The Big Bang Theory on CBS make me cringe.) But the
lack of critical thinking in this issue leads to a lot of confused kids who
then graduate and are soon called legal adults if they aren't already. And
then what? Inattention, apathy, acceptance, mediocrity, and that's how the
toad boils.

It's also quite interesting that there are more books and other documents
on this planet than ever before, more people know the basics of how to read
and write than ever before, and yet the interest is shot down by lack of
attention, for whichever reason.



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread InterNetX - Robert Garrett
Because people, are idiots, and like to attack others who do useful 
things. Keep your head up.


RG

On 10/07/2013 02:48 AM, dera...@cvs.openbsd.org wrote:

Hi, yeah, it is really me.  I find it strange posting to misc,
starting an email thread.  Normally I finish the threads here.

Most OpenBSD developers have known for a while, but I think it is
important to tell the greater community that I've been a bit busy for
about the last year.  I have not been paying as much attention to
OpenBSD development as I'm expected to.  Luckily, other developers
have done a great job keeping it on track.

Why?  With a group of others, I started setting up an Internet
Exchange in Calgary, and this has taken much time because it is highly
politicized and has encountered some resistance.

http://yycix.ca
https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

Now, why do I mention this in relation to OpenBSD?  Well, at the end
of 2007 someone decided to open an impersonation account on twitter in
my name, and start sending a mix of things I have said (see wikiquote
for instance), with things that I would never say.  That account is
http://twitter.com/theoderaadt

A few notes:  The account has now changed to declare that it is a
parody account and renamed to Not Theo de Raadt, as of a few days
ago.  If you read back into the past, you will see true character of
the account and the individual.

People in the local community were directed to the account, to give a
negative, if not slanderous, view of my character.  The ones directing
them have high-profile roles in the community, so people would take
what they say as true.  Since I am the network manager for the
exchange equipment, this by extension was meant to hurt YYCIX.

Why would stewards of important infrastructure projects deliberately
spread such false stories?

I will not mention names.  I don't need to; many can dig a little and
figure out who those actors are.  As a hint, search a little bit
higher.

Finally, one thing that particularily bothers me in the old postings
is the mention of my old friend Itojun, a very dedicated developer of
IPv6.  As many of you know, he and John Postel are the only two
internet architects currently honoured on an annual basis by the
Internet Society in the form of an award.

http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award

Layers of hurt being thrown around.  Why?




Mit freundlichen Grüßen

Robert Garrett
Senior System Engineer
Technical Projects  Solutions
--
InterNetX GmbH
Maximilianstr. 6
93047 Regensburg
Germany

Tel. +49 941 59559-480
Fax  +49 941 59559-245

www.internetx.com
www.facebook.com/InterNetX
www.twitter.com/InterNetX

Geschäftsführer/CEO: Thomas Mörz
Amtsgericht Regensburg, HRB 7142



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Gregory Edigarov

Then again, I would find that rather offensive, given what he is saying on the 
header:

citation
Since the OBSD people are basically fucking dumber than a single sack of hammers
THIS IS A PARODY ACCOUNT.
/citation

On 10/07/2013 03:48 AM, dera...@cvs.openbsd.org wrote:

Hi, yeah, it is really me.  I find it strange posting to misc,
starting an email thread.  Normally I finish the threads here.

Most OpenBSD developers have known for a while, but I think it is
important to tell the greater community that I've been a bit busy for
about the last year.  I have not been paying as much attention to
OpenBSD development as I'm expected to.  Luckily, other developers
have done a great job keeping it on track.

Why?  With a group of others, I started setting up an Internet
Exchange in Calgary, and this has taken much time because it is highly
politicized and has encountered some resistance.

http://yycix.ca
https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

Now, why do I mention this in relation to OpenBSD?  Well, at the end
of 2007 someone decided to open an impersonation account on twitter in
my name, and start sending a mix of things I have said (see wikiquote
for instance), with things that I would never say.  That account is
http://twitter.com/theoderaadt

A few notes:  The account has now changed to declare that it is a
parody account and renamed to Not Theo de Raadt, as of a few days
ago.  If you read back into the past, you will see true character of
the account and the individual.

People in the local community were directed to the account, to give a
negative, if not slanderous, view of my character.  The ones directing
them have high-profile roles in the community, so people would take
what they say as true.  Since I am the network manager for the
exchange equipment, this by extension was meant to hurt YYCIX.

Why would stewards of important infrastructure projects deliberately
spread such false stories?

I will not mention names.  I don't need to; many can dig a little and
figure out who those actors are.  As a hint, search a little bit
higher.

Finally, one thing that particularily bothers me in the old postings
is the mention of my old friend Itojun, a very dedicated developer of
IPv6.  As many of you know, he and John Postel are the only two
internet architects currently honoured on an annual basis by the
Internet Society in the form of an award.

http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award

Layers of hurt being thrown around.  Why?





--
With best regards,
 Gregory Edigarov



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread hruodr
dera...@cvs.openbsd.org wrote:

 Layers of hurt being thrown around.  Why?

This is a legitim question. 

Since I am here, I think I received twice an Email from you: I 
remember you as a polite person. But I did read a little of what
people write about you arround.

Some weeks ago a question of me here produced unfortunately too much
traffic. I was critical to the optimism in Tridgelll doctoral
thesis, about the rsync algorithm, about new programming technics
that seem to allow the use of hash values as a unique key. If the
question was a little off-topic, then it was not anymore as some
people here felt attacked by my critic. I was continously exposed
to insult and defamation. I continously tried to keep the discussion
objective, without much success. I asked me the very same question
you ask, I ask me it till now. And of course I tried to find an answer. 
And the answer of Robert Garrett throw new questions: Because people
are idiots? Then we all are idiots and cannot compain. Or only people
that do usefull things can complain and other do not deserve respect?

Rodrigo.



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread James Griffin
* hru...@gmail.com hru...@gmail.com [2013-10-07 08:36:04 +]:

 dera...@cvs.openbsd.org wrote:
 
  Layers of hurt being thrown around.  Why?
 
 This is a legitim question. 
 
 Since I am here, I think I received twice an Email from you: I 
 remember you as a polite person. But I did read a little of what
 people write about you arround.
 
 Some weeks ago a question of me here produced unfortunately too much
 traffic. I was critical to the optimism in Tridgelll doctoral
 thesis, about the rsync algorithm, about new programming technics
 that seem to allow the use of hash values as a unique key. If the
 question was a little off-topic, then it was not anymore as some
 people here felt attacked by my critic. I was continously exposed
 to insult and defamation. I continously tried to keep the discussion
 objective, without much success. I asked me the very same question
 you ask, I ask me it till now. And of course I tried to find an answer. 
 And the answer of Robert Garrett throw new questions: Because people
 are idiots? Then we all are idiots and cannot compain. Or only people
 that do usefull things can complain and other do not deserve respect?
 
 Rodrigo.
 

In fairness, you were repeating yourself a great deal and filling up our 
inboxes with the same statements. It went on for days and became tiresome. That 
was the main complaint, not the mathematical arguments you were put to the 
list. 



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread InterNetX - Robert Garrett
People who attack each, other with nothing but the defamation of the 
other individual, at heart are idiots. Sometimes, in the course of 
normal discussions.. things get out of hand, I really dont care about 
this. I prefer people to attack ideas, not each other.


RG


On 10/07/2013 10:43 AM, James Griffin wrote:

* hru...@gmail.com hru...@gmail.com [2013-10-07 08:36:04 +]:


dera...@cvs.openbsd.org wrote:


Layers of hurt being thrown around.  Why?


This is a legitim question.

Since I am here, I think I received twice an Email from you: I
remember you as a polite person. But I did read a little of what
people write about you arround.

Some weeks ago a question of me here produced unfortunately too much
traffic. I was critical to the optimism in Tridgelll doctoral
thesis, about the rsync algorithm, about new programming technics
that seem to allow the use of hash values as a unique key. If the
question was a little off-topic, then it was not anymore as some
people here felt attacked by my critic. I was continously exposed
to insult and defamation. I continously tried to keep the discussion
objective, without much success. I asked me the very same question
you ask, I ask me it till now. And of course I tried to find an answer.
And the answer of Robert Garrett throw new questions: Because people
are idiots? Then we all are idiots and cannot compain. Or only people
that do usefull things can complain and other do not deserve respect?

Rodrigo.



In fairness, you were repeating yourself a great deal and filling up our 
inboxes with the same statements. It went on for days and became tiresome. That 
was the main complaint, not the mathematical arguments you were put to the list.




Mit freundlichen Grüßen

Robert Garrett
Senior System Engineer
Technical Projects  Solutions
--
InterNetX GmbH
Maximilianstr. 6
93047 Regensburg
Germany

Tel. +49 941 59559-480
Fax  +49 941 59559-245

www.internetx.com
www.facebook.com/InterNetX
www.twitter.com/InterNetX

Geschäftsführer/CEO: Thomas Mörz
Amtsgericht Regensburg, HRB 7142



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread mxb
I'd turn this to police
and tried to make Twitter to shut down this account.

On 7 okt 2013, at 02:48, dera...@cvs.openbsd.org wrote:

 Well, at the end
 of 2007 someone decided to open an impersonation account on twitter in
 my name, and start sending a mix of things I have said (see wikiquote
 for instance), with things that I would never say.  That account is
 http://twitter.com/theoderaadt



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread James Griffin
* InterNetX - Robert Garrett robert.garr...@internetx.com [2013-10-07 
11:04:56 +0200]:

 People who attack each, other with nothing but the defamation of the
 other individual, at heart are idiots. Sometimes, in the course of
 normal discussions.. things get out of hand, I really dont care
 about this. I prefer people to attack ideas, not each other.
 
 RG

I agree. That's why I don't attack individuals. But when people don't listen, 
or continuosly repeat themselves unnecessarily, the discussion digresses and 
becomes irrelevent and/or annoying for those of us subscribed to the list. 
That's the point I tried to make. Anyway, this is digressing too. 



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Gregor Best
On Mon, Oct 07, 2013 at 11:10:36AM +0200, mxb wrote:
 I'd turn this to police
 [...]

That might however generate a Streisand effect, where the slanderous
statements are spread even more.

 and tried to make Twitter to shut down this account.

Since it's marked as a parody account, I don't think that would be
successful. Maybe laying out the account history, with it being
marked as parody only a few days ago, might do something.

Theo: Regardless of the public opinion or annoying people on
twitter, I want to reiterate the point Rodrigo made a few messages
up.

In the few mails we exchanged a while back, I've experienced you
as a very polite and to the point engineer, contrary to what the
opinion of some people might be.

And then, it's awesome to hear about YYCIX.

-- 
Gregor Best
--



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Richard Thornton
I am glad to know that it is a parody account;
You can easily go to court, in order to force Twitter to give up the names
 contact info of those responsible for the parody account if you would
like to sue, but then any off-color public remarks you have actually made
could be turned against you.  The best approach is to sue Twitter
directly.  It would be fun to see that stupid service shutdown.



On Mon, 7 Oct 2013, InterNetX - Robert Garrett wrote:

 Because people, are idiots, and like to attack others who do useful things.
 Keep your head up.

 RG

 On 10/07/2013 02:48 AM, dera...@cvs.openbsd.org wrote:
 Hi, yeah, it is really me.  I find it strange posting to misc,
 starting an email thread.  Normally I finish the threads here.

 Most OpenBSD developers have known for a while, but I think it is
 important to tell the greater community that I've been a bit busy for
 about the last year.  I have not been paying as much attention to
 OpenBSD development as I'm expected to.  Luckily, other developers
 have done a great job keeping it on track.

 Why?  With a group of others, I started setting up an Internet
 Exchange in Calgary, and this has taken much time because it is highly
 politicized and has encountered some resistance.

 http://yycix.ca
 https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

 Now, why do I mention this in relation to OpenBSD?  Well, at the end
 of 2007 someone decided to open an impersonation account on twitter in
 my name, and start sending a mix of things I have said (see wikiquote
 for instance), with things that I would never say.  That account is
 http://twitter.com/theoderaadt

 A few notes:  The account has now changed to declare that it is a
 parody account and renamed to Not Theo de Raadt, as of a few days
 ago.  If you read back into the past, you will see true character of
 the account and the individual.

 People in the local community were directed to the account, to give a
 negative, if not slanderous, view of my character.  The ones directing
 them have high-profile roles in the community, so people would take
 what they say as true.  Since I am the network manager for the
 exchange equipment, this by extension was meant to hurt YYCIX.

 Why would stewards of important infrastructure projects deliberately
 spread such false stories?

 I will not mention names.  I don't need to; many can dig a little and
 figure out who those actors are.  As a hint, search a little bit
 higher.

 Finally, one thing that particularily bothers me in the old postings
 is the mention of my old friend Itojun, a very dedicated developer of
 IPv6.  As many of you know, he and John Postel are the only two
 internet architects currently honoured on an annual basis by the
 Internet Society in the form of an award.


http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-ser
vice-award

 Layers of hurt being thrown around.  Why?



 Mit freundlichen Grüßen

 Robert Garrett
 Senior System Engineer
 Technical Projects  Solutions
 --
 InterNetX GmbH
 Maximilianstr. 6
 93047 Regensburg
 Germany

 Tel. +49 941 59559-480
 Fax  +49 941 59559-245

 www.internetx.com
 www.facebook.com/InterNetX
 www.twitter.com/InterNetX

 Geschäftsführer/CEO: Thomas Mörz
 Amtsgericht Regensburg, HRB 7142



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Marko Cupać
I don't see a reason why Twitter is given that much attention. It surely
gets a lot of hype from all around, but I did not excpect it will get more
from OpenBSD mailing lists.

-- 
Marko Cupać



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Gilles Cafedjian
Le 2013-10-07 12:30, Marko Cupać a écrit : 

 I don't see a reason why Twitter is given that much attention. It surely
 gets a lot of hype from all around, but I did not excpect it will get more
 from OpenBSD mailing lists.

Yes, let the people spend their time and energy for nothing. It's
absolutely not interesting to spend yours on this, It's a kid game. I
appraciate much more the work you do all on awsome project like OpenBSD
and YYCIX :)

Gilles Cafedjian. 



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread eric oyen
well,
Twitter does have its useful purposes. There is plenty of information on there 
of a technical nature. The major problem is just filtering out all the noise. 
Unfortunately, the idiots know about twitter and try to use it to their 
advantage. SOmetimes that works, and other times it backfires with very amusing 
results.

-eric

On Oct 7, 2013, at 6:32 AM, Gilles Cafedjian wrote:

 Le 2013-10-07 12:30, Marko Cupać a écrit : 
 
 I don't see a reason why Twitter is given that much attention. It surely
 gets a lot of hype from all around, but I did not excpect it will get more
 from OpenBSD mailing lists.
 
 Yes, let the people spend their time and energy for nothing. It's
 absolutely not interesting to spend yours on this, It's a kid game. I
 appraciate much more the work you do all on awsome project like OpenBSD
 and YYCIX :)
 
 Gilles Cafedjian. 



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread noah pugsley
Slander aside, pretty cool news. I do have one stupid question though,
what does the 'yy' in yycix stand for?

On 10/6/13, dera...@cvs.openbsd.org dera...@cvs.openbsd.org wrote:
 Hi, yeah, it is really me.  I find it strange posting to misc,
 starting an email thread.  Normally I finish the threads here.

 Most OpenBSD developers have known for a while, but I think it is
 important to tell the greater community that I've been a bit busy for
 about the last year.  I have not been paying as much attention to
 OpenBSD development as I'm expected to.  Luckily, other developers
 have done a great job keeping it on track.

 Why?  With a group of others, I started setting up an Internet
 Exchange in Calgary, and this has taken much time because it is highly
 politicized and has encountered some resistance.

 http://yycix.ca
 https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

 Now, why do I mention this in relation to OpenBSD?  Well, at the end
 of 2007 someone decided to open an impersonation account on twitter in
 my name, and start sending a mix of things I have said (see wikiquote
 for instance), with things that I would never say.  That account is
 http://twitter.com/theoderaadt

 A few notes:  The account has now changed to declare that it is a
 parody account and renamed to Not Theo de Raadt, as of a few days
 ago.  If you read back into the past, you will see true character of
 the account and the individual.

 People in the local community were directed to the account, to give a
 negative, if not slanderous, view of my character.  The ones directing
 them have high-profile roles in the community, so people would take
 what they say as true.  Since I am the network manager for the
 exchange equipment, this by extension was meant to hurt YYCIX.

 Why would stewards of important infrastructure projects deliberately
 spread such false stories?

 I will not mention names.  I don't need to; many can dig a little and
 figure out who those actors are.  As a hint, search a little bit
 higher.

 Finally, one thing that particularily bothers me in the old postings
 is the mention of my old friend Itojun, a very dedicated developer of
 IPv6.  As many of you know, he and John Postel are the only two
 internet architects currently honoured on an annual basis by the
 Internet Society in the form of an award.

 http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award

 Layers of hurt being thrown around.  Why?



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Brad Smith

On 07/10/13 9:57 PM, noah pugsley wrote:

Slander aside, pretty cool news. I do have one stupid question though,
what does the 'yy' in yycix stand for?


It is not YY it is YYC. It is an airport code.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Scott McEachern

On 10/07/13 21:57, noah pugsley wrote:

Slander aside, pretty cool news. I do have one stupid question though,
what does the 'yy' in yycix stand for?


YYC is the International Air Transport Association airport code for the 
Calgary International Airport.  Eg. YYZ is Toronto's Pearson airport, 
London's Heathrow is LHR, etc.


I'd imagine they chose YYC to clearly indicate the IX location.

https://en.wikipedia.org/wiki/International_Air_Transport_Association_airport_code

--
Scott McEachern

https://www.blackstaff.ca

Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, 
kidnappers, and child pornographers. Seems like you can scare any public into allowing 
the government to do anything with those four.  -- Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Letcher Ross
On Mon, Oct 7, 2013 at 6:57 PM, noah pugsley noah.pugs...@gmail.com wrote:

 Slander aside, pretty cool news. I do have one stupid question though,
 what does the 'yy' in yycix stand for?

 On 10/6/13, dera...@cvs.openbsd.org dera...@cvs.openbsd.org wrote:
  Hi, yeah, it is really me.  I find it strange posting to misc,
  starting an email thread.  Normally I finish the threads here.
 
  Most OpenBSD developers have known for a while, but I think it is
  important to tell the greater community that I've been a bit busy for
  about the last year.  I have not been paying as much attention to
  OpenBSD development as I'm expected to.  Luckily, other developers
  have done a great job keeping it on track.
 
  Why?  With a group of others, I started setting up an Internet
  Exchange in Calgary, and this has taken much time because it is highly
  politicized and has encountered some resistance.
 
  http://yycix.ca
  https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd
 
  Now, why do I mention this in relation to OpenBSD?  Well, at the end
  of 2007 someone decided to open an impersonation account on twitter in
  my name, and start sending a mix of things I have said (see wikiquote
  for instance), with things that I would never say.  That account is
  http://twitter.com/theoderaadt
 
  A few notes:  The account has now changed to declare that it is a
  parody account and renamed to Not Theo de Raadt, as of a few days
  ago.  If you read back into the past, you will see true character of
  the account and the individual.
 
  People in the local community were directed to the account, to give a
  negative, if not slanderous, view of my character.  The ones directing
  them have high-profile roles in the community, so people would take
  what they say as true.  Since I am the network manager for the
  exchange equipment, this by extension was meant to hurt YYCIX.
 
  Why would stewards of important infrastructure projects deliberately
  spread such false stories?
 
  I will not mention names.  I don't need to; many can dig a little and
  figure out who those actors are.  As a hint, search a little bit
  higher.
 
  Finally, one thing that particularily bothers me in the old postings
  is the mention of my old friend Itojun, a very dedicated developer of
  IPv6.  As many of you know, he and John Postel are the only two
  internet architects currently honoured on an annual basis by the
  Internet Society in the form of an award.
 
 
 http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award
 
  Layers of hurt being thrown around.  Why?


YYC is the IATA code for Calgary airport.

Taru



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread noah pugsley
Thank you both for answering my question.

On 10/7/13, Scott McEachern sc...@blackstaff.ca wrote:
 On 10/07/13 21:57, noah pugsley wrote:
 Slander aside, pretty cool news. I do have one stupid question though,
 what does the 'yy' in yycix stand for?

 YYC is the International Air Transport Association airport code for the
 Calgary International Airport.  Eg. YYZ is Toronto's Pearson airport,
 London's Heathrow is LHR, etc.

 I'd imagine they chose YYC to clearly indicate the IX location.

 https://en.wikipedia.org/wiki/International_Air_Transport_Association_airport_code

 --
 Scott McEachern

 https://www.blackstaff.ca

 Beware the Four Horsemen of the Information Apocalypse: terrorists, drug
 dealers, kidnappers, and child pornographers. Seems like you can scare any
 public into allowing the government to do anything with those four.  --
 Bruce Schneier



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Jean Lucas
On Sun, Oct 6, 2013 at 8:48 PM, dera...@cvs.openbsd.org wrote:

 Hi, yeah, it is really me.  I find it strange posting to misc,
 starting an email thread.  Normally I finish the threads here.

 Most OpenBSD developers have known for a while, but I think it is
 important to tell the greater community that I've been a bit busy for
 about the last year.  I have not been paying as much attention to
 OpenBSD development as I'm expected to.  Luckily, other developers
 have done a great job keeping it on track.

 Why?  With a group of others, I started setting up an Internet
 Exchange in Calgary, and this has taken much time because it is highly
 politicized and has encountered some resistance.

 http://yycix.ca
 https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

 Now, why do I mention this in relation to OpenBSD?  Well, at the end
 of 2007 someone decided to open an impersonation account on twitter in
 my name, and start sending a mix of things I have said (see wikiquote
 for instance), with things that I would never say.  That account is
 http://twitter.com/theoderaadt

 A few notes:  The account has now changed to declare that it is a
 parody account and renamed to Not Theo de Raadt, as of a few days
 ago.  If you read back into the past, you will see true character of
 the account and the individual.

 People in the local community were directed to the account, to give a
 negative, if not slanderous, view of my character.  The ones directing
 them have high-profile roles in the community, so people would take
 what they say as true.  Since I am the network manager for the
 exchange equipment, this by extension was meant to hurt YYCIX.

 Why would stewards of important infrastructure projects deliberately
 spread such false stories?

 I will not mention names.  I don't need to; many can dig a little and
 figure out who those actors are.  As a hint, search a little bit
 higher.

 Finally, one thing that particularily bothers me in the old postings
 is the mention of my old friend Itojun, a very dedicated developer of
 IPv6.  As many of you know, he and John Postel are the only two
 internet architects currently honoured on an annual basis by the
 Internet Society in the form of an award.


 http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award

 Layers of hurt being thrown around.  Why?

 People are people, that's why.

Keep up the good philanthropic work and don't let the long faces get you
down.



Re: Sorry OpenBSD people, been a bit busy

2013-10-07 Thread Indunil Jayasooriya
 Yes, let the people spend their time and energy for nothing. It's
 absolutely not interesting to spend yours on this, It's a kid game. I
 appraciate much more the work you do all on awsome project like OpenBSD
 and YYCIX :)




I also agree with you. This is a useless  topic. Let's discard it.




-- 
Thank you
Indunil Jayasooriya
http://www.theravadanet.net/
http://www.siyabas.lk/sinhala_how_to_install.html   -  Download Sinhala
Fonts



Sorry OpenBSD people, been a bit busy

2013-10-06 Thread deraadt
Hi, yeah, it is really me.  I find it strange posting to misc,
starting an email thread.  Normally I finish the threads here.

Most OpenBSD developers have known for a while, but I think it is
important to tell the greater community that I've been a bit busy for
about the last year.  I have not been paying as much attention to
OpenBSD development as I'm expected to.  Luckily, other developers
have done a great job keeping it on track.

Why?  With a group of others, I started setting up an Internet
Exchange in Calgary, and this has taken much time because it is highly
politicized and has encountered some resistance.

http://yycix.ca
https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd

Now, why do I mention this in relation to OpenBSD?  Well, at the end
of 2007 someone decided to open an impersonation account on twitter in
my name, and start sending a mix of things I have said (see wikiquote
for instance), with things that I would never say.  That account is
http://twitter.com/theoderaadt

A few notes:  The account has now changed to declare that it is a
parody account and renamed to Not Theo de Raadt, as of a few days
ago.  If you read back into the past, you will see true character of
the account and the individual.

People in the local community were directed to the account, to give a
negative, if not slanderous, view of my character.  The ones directing
them have high-profile roles in the community, so people would take
what they say as true.  Since I am the network manager for the
exchange equipment, this by extension was meant to hurt YYCIX.

Why would stewards of important infrastructure projects deliberately
spread such false stories?

I will not mention names.  I don't need to; many can dig a little and
figure out who those actors are.  As a hint, search a little bit
higher.

Finally, one thing that particularily bothers me in the old postings
is the mention of my old friend Itojun, a very dedicated developer of
IPv6.  As many of you know, he and John Postel are the only two
internet architects currently honoured on an annual basis by the
Internet Society in the form of an award.

http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-service-award

Layers of hurt being thrown around.  Why?